package com.blr.controller;

import com.blr.entity.User;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.access.prepost.PreFilter;
import org.springframework.web.bind.annotation.*;

import javax.annotation.security.DenyAll;
import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed;
import java.util.ArrayList;
import java.util.List;

@RestController
@RequestMapping("hello")
public class AuthorizeMethodController {

    //@PreAuthorize("hasRole('ADMIN') and authentication.name=='win7'")
    @PreAuthorize("hasAuthority('READ_INFO')")
    @GetMapping
    public String hello(){ return "hello"; }

    @PreAuthorize("authentication.name==#name") //http://localhost:8080/hello/name?name=root root角色进去可以访问 其他角色不行
    @GetMapping("/name")
    public String hello(String name){ return "hello:"+name; }

    /**
     * 参数：
     * [
     *     {"id":"1","name":"xiaohei"},
     *     {"id":"2","name":"xiaoming"},
     *     {"id":"3","name":"xiaosan"},
     *     {"id":"4","name":"xiaoli"},
     *     {"id":"5","name":"xiaoniu"}
     * ]
     * 结果：
     * users=[User{id=1, name='xiaohei'}, User{id=3, name='xiaosan'}, User{id=5, name='xiaoniu'}]**/
    @PreFilter(value = "filterObject.id%2!=0",filterTarget = "users") //filterTarget必须是 数组 集合类型 对请求参数过滤
    @PostMapping("users")
    public void addUsers(@RequestBody List<User> users){
        System.out.println("users="+users);
    }

    @PostAuthorize("returnObject.id==1") //http://localhost:8080/hello/userId?id=1 可以访问
    @GetMapping("/userId")
    public User addUsers(Integer id){
        return new User(id,"blr");
    }

    /**
     * 地址栏访问：
     * http://localhost:8080/hello/lists
     * 返回结果：
     * [{"id":0,"name":"blr0"},{"id":2,"name":"blr2"},{"id":4,"name":"blr4"},{"id":6,"name":"blr6"},{"id":8,"name":"blr8"}]**/
    @PostFilter("filterObject.id%2==0")//对方法的返回值进行过滤
    @GetMapping("/lists")
    public List<User> getAll(){
        List<User> users = new ArrayList<>();
        for (int i = 0; i < 10; i++){
            users.add(new User(i,"blr"+i));
        }
        return users;
    }

    @Secured({"ROLE_USER"}) //只能判断角色 lisi root可以
    @GetMapping("/secured")
    public User getUserByUsername(){
        return new User(99,"secured");
    }

    @Secured({"ROLE_ADMIN","ROLE_USER"}) //具有其中一个即可
    @GetMapping("/username")
    public User getUserByUsername2(String username){
        return new User(99,username);
    }

    @PermitAll
    @GetMapping("permitAll")
    public String permitAll(){
        return "PermitAll";
    }

    @DenyAll
    @GetMapping("/denyAll")
    public String denyAll(){
        return "DenyAll";
    }

    @RolesAllowed({"ROLE_ADMIN","ROLE_USER"}) //具有其中一个角色即可
    @GetMapping("/rolesAllowed")
    public String rolesAllowed(){
        return "RolesAllowed";
    }
}
